Exploiting the European Union trusted service status list for certificate validation in STORK: design, implementation, and lessons learnt

摘要

Since December 2009, the European Union Trusted Service Status Lists (TSLs) have been specified and adopted across European Union countries in order to enable the verification of digital signatures with legal values. This paper deals with the exploitation of TSLs in real digital services, other than electronic signatures, that is for certificate validation service. In particular, we used such lists in the service provided by the pan-European Secure identTities acRoss boRders linKed identity management infrastructure in order to validate X.509 public key certificates. In addition, we propose an XML data structure to be used in conjunction with a TSL, in the form of a Trust Service Association (TrSA) file, to hold trust relationships between different services in a TSL. The TrSA file in conjunction with the TSLs may be used directly by the service providers or users to validate certificates. For the generation of the TSLs, we propose also a tool for automatic generation of the TSLs, named TSLGenerator. Copyright (C) 2014 John Wiley & Sons, Ltd.